HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hcltech domino 10.0.0 |
||
hcltech domino 10.0.1 |
||
hcltech domino 11.0 |
||
hcltech domino 11.0.1 |